I recently emerged tripwire for use on my internet facing server at home. Using the sample policy file, I came up with 298 File system errors (cases of the policy specifying files that don't exist on my system, or exist in a different place).

Now of course, being lazy, I really don't want to verify / change 298 things in my twpol.txt. Soo.... I was wondering if anyone would be willing to post a twpol.txt that had been tailored to a base Gentoo system, to which I could add things later.

Am I too lazy? Should I suck it up and start going through my twpol.txt?

Run $tripwire --check to ensure that your changes have had the desired effect.

You should now have a base policy for your Gentoo installation.

Now the really hard part comes. Look at the policy file you just edited, add the missing files that do exist on your system to the policy with the appropriate codes. This is the part I am currently performing.
_________________
(X) Yes! I am a brain damaged lemur on crack, and would like to buy your software package for $499.95

Come on guys, would you make the results available for the public? I'm another lazy one. I'd suggest sending the results to tripwire.org as well, to make them able to share it with whoever. Please ;P That's what opensource is about.
_________________
mb

##############################################################################
#
# This is the example Tripwire Policy file. It is intended as a place to
# start creating your own custom Tripwire Policy file. Referring to it as
# well as the Tripwire Policy Guide should give you enough information to
# make a good custom Tripwire Policy file that better covers your
# configuration and security needs. A text version of this policy file is
# called twpol.txt.
#
# Note that this file is tuned to an 'everything' install of Red Hat Linux.
# If run unmodified, this file should create no errors on database
# creation, or violations on a subsequent integrity check. However, it is
# impossible for there to be one policy file for all machines, so this
# existing one errs on the side of security. Your Linux configuration will
# most likely differ from the one our policy file was tuned to, and will
# therefore require some editing of the default Tripwire Policy file.
#
# The example policy file is best run with 'Loose Directory Checking'
# enabled. Set LOOSEDIRECTORYCHECKING=TRUE in the Tripwire Configuration
# file.
#
# Email support is not included and must be added to this file.
# Add the 'emailto=' to the rule directive section of each rule (add a comma
# after the 'severity=' line and add an 'emailto=' and include the email
# addresses you want the violation reports to go to). Addresses are
# semi-colon delimited.
#
##############################################################################

##############################################################################
#
# Global Variable Definitions
#
# These are defined at install time by the installation script. You may
# manually edit these if you are using this file directly and not from the
# installation script itself.
#
##############################################################################

# Tripwire Data Files - Configuration Files, Policy Files, Keys, Reports, Databases
(
rulename = "Tripwire Data Files",
severity = $(SIG_HI)
)
{
# NOTE: We remove the inode attribute because when Tripwire creates a backup,
# it does so by renaming the old file and creating a new one (which will
# have a new inode number). Inode is left turned on for keys, which shouldn't
# ever change.

# NOTE: The first integrity check triggers this rule and each integrity check
# afterward triggers this rule until a database update is run, since the
# database file does not exist before that point.

#=============================================================================
#
# Copyright 2000 Tripwire, Inc. Tripwire is a registered trademark of Tripwire,
# Inc. in the United States and other countries. All rights reserved.
#
# Linux is a registered trademark of Linus Torvalds.
#
# UNIX is a registered trademark of The Open Group.
#
#=============================================================================
#
# Permission is granted to make and distribute verbatim copies of this document
# provided the copyright notice and this permission notice are preserved on all
# copies.
#
# Permission is granted to copy and distribute modified versions of this
# document under the conditions for verbatim copying, provided that the entire
# resulting derived work is distributed under the terms of a permission notice
# identical to this one.
#
# Permission is granted to copy and distribute translations of this document
# into another language, under the above conditions for modified versions,
# except that this permission notice may be stated in a translation approved by
# Tripwire, Inc.
#
# DCM

This config file runs tripwire without errors on my system, but I may very well have neglected some important things. Your mileage may vary, no guarantees expressed or implied, bla-bla-bla.

Thank you. Well, I'm not that lazy though, so I'm spending time writing a shell script that generates your twpol from the system it runs on. I'll post it here when I have time to finish it.
_________________
mb

I just imported your policy, but have this strange result:
Tripwire complains about /usr/sbin/siggen not existing. I just remerged the tripwire-ebuild and, yes, there is no siggen file merged. IS THIS NORMAL? Or is someone already on my machine (unlikely, but possible)?

Strange thing is: the siggen.8 man page IS installed, but no binary.

PS: I emerged app-admin/tripwire-2.3.1.2-r1
_________________
To an engineer the glass is neither half full, nor half empty - it is just twice as big as it needs to be. (shamelessly stolen from slartibartfasz)

I found a script at Red Hat forums which comments out the missing files. I just exported the mail message from pine to tw-list.txt and ran this script which I modified to put the comments in a sensible place.

I suppose the tripwire siggen is a tool for creating a signature (i.e. hash) of files for later comparison.
The script mentioned above creates signatures for emails - I'm pretty sure tripwire doesn't need that one.
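
An added example, not code from any post in this thread or from the Red Hat forums script mentioned above: one way to comment out the policy entries that a check reports as missing. It assumes the report lists each missing object on a line containing "Filename:" and that policy rules have the form "object -> mask ;"; the function names, the "# MISSING:" marker and the sample policy and report are constructed for illustration.

```python
import re

# Variable definition, e.g.  TWBIN = /usr/sbin;  (rule attributes end in "," and are skipped)
VAR_DEF = re.compile(r'^\s*(\w+)\s*=\s*(.*?)\s*;')
# Uncommented rule line: object name followed by "->", e.g.  /bin/ls -> $(SEC_BIN) ;
RULE = re.compile(r'^\s*([^\s#]\S*)\s*->')

def missing_from_report(report):
    """Collect the paths named on 'Filename:' lines of a saved report."""
    return {m.group(1) for m in re.finditer(r'Filename:\s*(\S+)', report)}

def expand(text, variables):
    """Replace $(NAME) with its value; unknown names are left untouched."""
    return re.sub(r'\$\((\w+)\)',
                  lambda m: variables.get(m.group(1), m.group(0)), text)

def comment_out_missing(policy, missing):
    """Return (new_policy, changed): rule lines whose expanded object name
    is in `missing` are commented out, everything else is kept verbatim."""
    variables, out, changed = {}, [], []
    for line in policy.splitlines():
        var, rule = VAR_DEF.match(line), RULE.match(line)
        if var:
            variables[var.group(1)] = expand(var.group(2).strip('"'), variables)
        elif rule and expand(rule.group(1), variables) in missing:
            changed.append(rule.group(1))
            line = "# MISSING: " + line
        out.append(line)
    return "\n".join(out) + "\n", changed

# Constructed sample policy fragment and report, for illustration only.
SAMPLE_POLICY = """\
TWBIN = /usr/sbin;
(
  rulename = "Tripwire Binaries",
  severity = $(SIG_HI)
)
{
  $(TWBIN)/siggen    -> $(SEC_BIN) ;
  $(TWBIN)/tripwire  -> $(SEC_BIN) ;
}
"""
SAMPLE_REPORT = """\
### Warning: File system error.
### Filename: /usr/sbin/siggen
### No such file or directory
### Continuing...
"""

if __name__ == "__main__":
    new_policy, changed = comment_out_missing(
        SAMPLE_POLICY, missing_from_report(SAMPLE_REPORT))
    print(new_policy)
    print("commented out:", changed)
```

Every path in the returned `changed` list is no longer monitored, so go through it by hand before installing the edited policy, and confirm each entry is a file the distribution really does not ship rather than one that has gone missing.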